jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

wip uid/gid mapping

Browse Source
This commit is contained in:
Danilo Reyes
2026-01-17 13:36:51 -06:00
parent 1b76039f49
commit 20c8d082eb
20 changed files with 125 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
modules/servers/oauth2-proxy.nix
View File

@@ -6,10 +6,19 @@
let
setup = import ../factories/mkserver.nix { inherit lib config; };
cfg = config.my.servers.oauth2-proxy;
id = 967;
gid = id;
uid = id;
in
{
options.my.servers.oauth2-proxy = setup.mkOptions "oauth2-proxy" "auth-proxy" 4180;
config = lib.mkIf (cfg.enable && config.my.secureHost) {
users.groups.oauth2-proxy.gid = { inherit gid; };
users.users.oauth2-proxy = {
inherit uid;
isSystemUser = true;
group = "oauth2-proxy";
};
sops.secrets.oauth2-proxy = {
sopsFile = ../../secrets/env.yaml;
restartUnits = [ "oauth2-proxy.service" ];